Bug#374705: [Pkg-shadow-devel] Bug#374705: tentative patch
Quoting Frans Pop ([EMAIL PROTECTED]): On Wednesday 21 June 2006 22:26, you wrote: However, I think the issue is not present in the 4.0.16 versions (according to my tests and according to the code). Can somebody else confirm? Confirmed. If I do a new install of unstable, the mail spool dir is clean. So, this is probably because there were some differences in the patch we temporarily applied in Debian to cover the security issue supposedly fixed by 4.0.15-10 and the one that was really applied by Tomasz in 4.0.16. Hence, closing the bug with Version: 4.0.16-1 seems fair. 4.0.16-2 is now in testing anyway. Waiting for others input signature.asc Description: Digital signature
Bug#374705: [Pkg-shadow-devel] Bug#374705: tentative patch
Dnia 21-06-2006, śro o godzinie 10:55 +0100, Stephen Gran napisał(a):
--- src/useradd.c~ 2006-06-21 10:51:01.0 +0100
+++ src/useradd.c 2006-06-21 10:51:17.0 +0100
@@ -1599,6 +1599,7 @@
if (fd 0) {
perror (_(Creating mailbox file));
return;
+ } else {
gr = getgrnam (mail);
if (!gr) {
Above is return so instead else can be placed by only }.
OK. I'll ASAP commit neccessary changes.
Probaly in comming monday will be good release 4.0.17.
kloczek
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#374705: [Pkg-shadow-devel] Bug#374705: tentative patch
This one time, at band camp, Christian Perrier said:
Quoting Frans Pop ([EMAIL PROTECTED]):
On Wednesday 21 June 2006 22:26, you wrote:
However, I think the issue is not present in the 4.0.16 versions
(according to my tests and according to the code).
Can somebody else confirm?
Confirmed. If I do a new install of unstable, the mail spool dir is clean.
So, this is probably because there were some differences in the patch
we temporarily applied in Debian to cover the security issue
supposedly fixed by 4.0.15-10 and the one that was really applied by
Tomasz in 4.0.16.
Hence, closing the bug with Version: 4.0.16-1 seems fair.
4.0.16-2 is now in testing anyway.
[EMAIL PROTECTED]:~/source/shadow-4.0.16$ head -n 1 debian/changelog
shadow (1:4.0.16-2) unstable; urgency=low
[EMAIL PROTECTED]:~/source/shadow-4.0.16$ grep -B 17 fchown src/useradd.c
fd = open (file, O_CREAT | O_WRONLY | O_TRUNC | O_EXCL, 0);
if (fd 0) {
perror (_(Creating mailbox file));
return;
gr = getgrnam (mail);
if (!gr) {
fprintf (stderr,
_
(Group 'mail' not found. Creating the
user mailbox file with 0600 mode.\n));
gid = user_gid;
mode = 0600;
} else {
gid = gr-gr_gid;
mode = 0660;
}
if (fchown (fd, user_id, gid) || fchmod (fd, mode))
The bug is present in 1:4.0.16-2. Unless I'm missing something?
--
-
| ,''`.Stephen Gran |
| : :' :[EMAIL PROTECTED] |
| `. `'Debian user, admin, and developer |
|`- http://www.debian.org |
-
signature.asc
Description: Digital signature
Bug#374705: [Pkg-shadow-devel] Bug#374705: tentative patch
Dnia 22-06-2006, czw o godzinie 11:18 +0100, Stephen Gran napisał(a): [..] The bug is present in 1:4.0.16-2. Unless I'm missing something? Please test patch from: http://cvs.pld.org.pl/shadow/src/useradd.c?r1=1.97r2=1.99 kloczek -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#374705: [Pkg-shadow-devel] Bug#374705: tentative patch
This one time, at band camp, Tomasz K??oczko said: Dnia 22-06-2006, czw o godzinie 11:18 +0100, Stephen Gran napisa??(a): [..] The bug is present in 1:4.0.16-2. Unless I'm missing something? Please test patch from: http://cvs.pld.org.pl/shadow/src/useradd.c?r1=1.97r2=1.99 [EMAIL PROTECTED]:~/source/shadow-4.0.16$ sudo src/useradd -d /home/xxx -g xxx -s /bin/bash -u 1007 xxx [EMAIL PROTECTED]:~/source/shadow-4.0.16$ ll /var/mail/ -rw-rw 1 xxx mail 0 2006-06-22 13:36 xxx That looks fine. Thanks, -- - | ,''`.Stephen Gran | | : :' :[EMAIL PROTECTED] | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
Bug#374705: [Pkg-shadow-devel] Bug#374705: tentative patch
tags 374705 fixed-upstream thanks Above is return so instead else can be placed by only }. OK. I'll ASAP commit neccessary changes. Probaly in comming monday will be good release 4.0.17. OK, so you will release with this fix. If that's completely sure, then I think that I will not try to upload a 4.0.16-3 release in Debian in the meantimeas long as I'm completely sure that the issue is fixed very soon in upstream. For the sake of it, I commit this patch in our SVN. signature.asc Description: Digital signature
Bug#374705: [Pkg-shadow-devel] Bug#374705: tentative patch
package passwd clone 374705 -1 retitle -1 useradd do not create the mail spool (even with CREATE_MAIL_SPOOL=yes in /etc/default/useradd) severity -1 normal thanks Hello Stephen, On Thu, Jun 22, 2006 at 11:18:44AM +0100, Stephen Gran wrote: The bug is present in 1:4.0.16-2. Unless I'm missing something? Well, the bug present in 1:4.0.16-2 is a little bit different: no mail spools are created - even when CREATE_MAIL_SPOOL is set to yes So I'm cloning this bug. The new bug is pending and fixed upstream, with a normal severity. I will close 374705 with the 1:4.0.16-1 version of passwd. Kind Regards, -- Nekral -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#374705: [Pkg-shadow-devel] Bug#374705: tentative patch
This one time, at band camp, Nicolas François said: Hello Stephen, On Thu, Jun 22, 2006 at 11:18:44AM +0100, Stephen Gran wrote: The bug is present in 1:4.0.16-2. Unless I'm missing something? Well, the bug present in 1:4.0.16-2 is a little bit different: no mail spools are created - even when CREATE_MAIL_SPOOL is set to yes So I'm cloning this bug. The new bug is pending and fixed upstream, with a normal severity. I will close 374705 with the 1:4.0.16-1 version of passwd. Well it's really, no mail spools are created, but if they were, this bug would be present, but I see your point :) Glad it's fixed now. Take care, -- - | ,''`.Stephen Gran | | : :' :[EMAIL PROTECTED] | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
Bug#374705: [Pkg-shadow-devel] Bug#374705: tentative patch
Tomasz,
On Wed, Jun 21, 2006 at 10:55:36AM +0100, Stephen Gran wrote:
Hey all,
I think I might have found the problem. The mail spool is open()ed, and
then the fd is checked to see if there is an error (as is proper). The
problem is, the fchown/fchmod calls happen in the same logic path as
error handling, not in an else block. The attached patch should fix it.
What I don't understand, is why the mail box is created if this bloc of
code cannot be reached (due to the issue described below).
I have to note in passing, though, that I had to change the line
if (strcasecmp (create_mail_spool, yes) == 0) {
to
if (strcasecmp (def_create_mail_spool, yes) == 0) {
Tomasz, create_mail_spool is never set. It should either be removed, or
set somewhere (e.g. like the other similar variables in process_flags,
even if there is no flags for this value).
to even enter this block in the first place - is there an incomplete
variable name transition, or am I doing something wrong?
--- src/useradd.c~ 2006-06-21 10:51:01.0 +0100
+++ src/useradd.c 2006-06-21 10:51:17.0 +0100
@@ -1599,6 +1599,7 @@
if (fd 0) {
perror (_(Creating mailbox file));
return;
+ } else {
gr = getgrnam (mail);
if (!gr) {
Thanks for the patch. This also looks correct.
I'm attaching another patch, which fixes this issue, the other issue
mentionned by Stephen and another issue (def_create_mail_spool should
never be set to CREATE_MAIL_SPOOL).
Note: I still don't understand the Debian bug and can't reproduce it. I
will look closer later.
Kind Regards,
--
Nekral
Index: src/useradd.c
===
RCS file: /cvsroot/shadow/src/useradd.c,v
retrieving revision 1.97
diff -u -r1.97 useradd.c
--- src/useradd.c 20 Jun 2006 20:00:04 - 1.97
+++ src/useradd.c 21 Jun 2006 19:29:56 -
@@ -343,9 +343,6 @@
* Create by default user mail spool or not ?
*/
else if (MATCH (buf, CREATE_MAIL_SPOOL)) {
- if (*cp == '\0')
- cp = CREATE_MAIL_SPOOL; /* XXX warning: const */
-
def_create_mail_spool = xstrdup (cp);
}
}
@@ -1247,6 +1244,8 @@
if (!sflg)
user_shell = def_shell;
+
+ create_mail_spool = def_create_mail_spool;
}
/*
@@ -1600,7 +1599,7 @@
if (fd 0) {
perror (_(Creating mailbox file));
return;
-
+ } else {
gr = getgrnam (mail);
if (!gr) {
fprintf (stderr,
Bug#374705: [Pkg-shadow-devel] Bug#374705: tentative patch
On Wed, Jun 21, 2006 at 09:57:04PM +0200, Nicolas François wrote: Note: I still don't understand the Debian bug and can't reproduce it. I will look closer later. I checked the code of 4.0.15-10. The bug is present in this version. However, I think the issue is not present in the 4.0.16 versions (according to my tests and according to the code). Can somebody else confirm? I also wonder whether we should make a special note for this bug (to inform the users who created users with 4.0.15-10). Kind Regards, -- Nekral
Bug#374705: [Pkg-shadow-devel] Bug#374705: tentative patch
On Wednesday 21 June 2006 22:26, you wrote: However, I think the issue is not present in the 4.0.16 versions (according to my tests and according to the code). Can somebody else confirm? Confirmed. If I do a new install of unstable, the mail spool dir is clean. pgpew6JqCacpj.pgp Description: PGP signature
